Our Products:   CompleteFTP  edtFTPnet/Free  edtFTPnet/PRO  edtFTPj/Free  edtFTPj/PRO
0 votes
451 views
in .NET FTP by (780 points)

I am currently using edtFTPnetPro version 12.0 and was wondering about support for the curve25519-sha256 Key Exchange algorithm.  Two questions:

1.  Just curious about the decision not to support
curve25519-sha256.  Is that a security issue, more difficult to implement, other issue, etc.?

2.  Are there plans to add support for it in the near future?

I connect to a bunch of embedded devices that are running dropbear and the first method they list support for during the key exchange is curve25519-sha256.  Since edtFTPNetPro doesn't support this, my program uses one of the diffie-helman-group14 methods.  Clients like Putty, WinSCP, and OpenSSH all support the curve25519-sha256 algorithm and are much quicker to make the initial connection (5-10 seconds).  Whereas my program takes around 40 seconds to connect, and I believe it's because it's using diffie-helman-group14 instead.  Right now, I'm going to have to increase the default timeout used by my program, but I hate having to add unnecessary delays that slow my customers down.  It would be great if edtFTPNetPro has plans to add support for curve25519-sha256.

1 Answer

0 votes
by (162k points)
40 seconds! I would enable client and server debug logging and find out what the delay is. Selecting an algorithm should make no perceptible difference - certainly not 25 seconds.

The next release will have some additional kex algorithms, but not this particular one.
by (780 points)
Here's what I'm seeing in the client log.  It does the key exchange negotiation and then sends a SSH_MSG_KEXDH_INIT message and gets stuck waiting for the reply packet, which comes 29 seconds later.  Not sure what's happening during that time on the server.  (I added a few extra blank lines to easily show the point where it's waiting.)

DEBUG [SFTPMessageStore] 16 Oct 2023 10:17:44.619 :  Set timeout=30000
DEBUG [LicenseProperties] 16 Oct 2023 10:17:44.629 :  Production license
DEBUG [SSHSCPClient] 16 Oct 2023 10:17:44.629 :  Setting up fallback kbi prompt based on supplied password
DEBUG [HostNameResolver] 16 Oct 2023 10:17:44.633 :  Resolving 192.168.60.164
DEBUG [HostNameResolver] 16 Oct 2023 10:17:44.633 :  192.168.60.164 resolved to 192.168.60.164
DEBUG [SSHSCPClient] 16 Oct 2023 10:17:44.633 :  Connecting directly to SFTP server 192.168.60.164:22
INFO [BaseSocket] 16 Oct 2023 10:17:44.633 :  Connecting to 192.168.60.164:22 with timeout 30000 ms
DEBUG [BaseSocket] 16 Oct 2023 10:17:44.637 :  Successfully connected to 192.168.60.164:22
DEBUG [SSHSCPClient] 16 Oct 2023 10:17:44.637 :  Connected successfully to SFTP server 192.168.60.164:22
DEBUG [SSHConnection] 16 Oct 2023 10:17:44.638 :  Beginning protocol negotiation
DEBUG [SSH2Connection] 16 Oct 2023 10:17:44.639 :  Timeout=30000
DEBUG [SSHConnection] 16 Oct 2023 10:17:44.642 :  Sending client version=SSH-2.0-edtFTPnet/PRO_12.0.0.0
DEBUG [PlainSocket] 16 Oct 2023 10:17:44.642 : FTPConnection.1 Starting Receive thread
DEBUG [PlainSocket] 16 Oct 2023 10:17:44.642 :  Sent 32 bytes (NoDelay=True, SendBufferSize=65536, ReceiveBufferSize=65536)
DEBUG [PlainSocket] 16 Oct 2023 10:17:44.749 : FTPConnection.1 Receive received 418 bytes
DEBUG [ProtocolNegotiationHandler] 16 Oct 2023 10:17:44.759 : FTPConnection.1 offset=0,length=418
INFO [ProtocolNegotiationHandler] 16 Oct 2023 10:17:44.759 : FTPConnection.1 Server version = 'SSH-2.0-dropbear_2020.81'
DEBUG [SSHUtil] 16 Oct 2023 10:17:44.761 : FTPConnection.1 Major string = '2'
DEBUG [SSHUtil] 16 Oct 2023 10:17:44.761 : FTPConnection.1 Minor string = '0'
DEBUG [SSHUtil] 16 Oct 2023 10:17:44.761 : FTPConnection.1 Version 2.0
DEBUG [SSHUtil] 16 Oct 2023 10:17:44.761 : FTPConnection.1 Protocol compatible
DEBUG [ProtocolNegotiationHandler] 16 Oct 2023 10:17:44.761 : FTPConnection.1 392 surplus bytes available
DEBUG [SSHConnection] 16 Oct 2023 10:17:44.762 :  Server version=SSH-2.0-dropbear_2020.81
DEBUG [SSH2Connection] 16 Oct 2023 10:17:44.765 :  Starting key exchange
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.770 :  Sending SSH_MSG_KEXINIT
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.772 :  key exchange method=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,ext-info-c
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.776 :  hostkey algorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.778 :  ciphers=blowfish-cbc,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc,aes128-ctr,aes192-ctr,aes256-ctr
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.778 :  ciphers=blowfish-cbc,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc,aes128-ctr,aes192-ctr,aes256-ctr
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.780 :  MACs=hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96,hmac-sha2-256,hmac-sha2-512
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.780 :  MACs=hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96,hmac-sha2-256,hmac-sha2-512
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.781 :  compression algorithms=none,zlib
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.781 :  compression algorithms=none,zlib
DEBUG [PlainSocket] 16 Oct 2023 10:17:44.785 :  Sent 736 bytes (NoDelay=True, SendBufferSize=65536, ReceiveBufferSize=65536)
DEBUG [SSH2Connection] 16 Oct 2023 10:17:44.785 :  Packet written to socket
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.785 :  Sent SSH_MSG_KEXINIT
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.785 :  Reading SSH_MSG_KEXINIT reply
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.789 :  Processing SSH_MSG_KEXINIT reply
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.791 :  Remote kex alg=curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,kexguess2@matt.ucc.asn.au
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.792 :  Decided kex alg= DiffieHellmanGroup14Sha1
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.792 :  Remote hostkey alg=rsa-sha2-256,ssh-rsa
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.792 :  Decided hostkey alg= RSA_SHA2_256
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.794 :  Remote Cipher CS=chacha20-poly1305@openssh.com,aes128-ctr,aes256-ctr
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.795 :  Decided Cipher C->S= AES_CTR_128
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.795 :  Remote Cipher SC=chacha20-poly1305@openssh.com,aes128-ctr,aes256-ctr
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.795 :  Decided Cipher S->C= AES_CTR_128
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.795 :  Remote MAC CS=hmac-sha2-256
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.796 :  Decided MAC C->S= HMAC_SHA2_256
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.796 :  Remote MAC SC=hmac-sha2-256
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.796 :  Decided MAC S->C= HMAC_SHA2_256
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.796 :  Remote Comp CS=zlib@openssh.com,none
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.796 :  Decided Comp C->S=None
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.796 :  Remote Comp SC=zlib@openssh.com,none
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.796 :  Decided Comp S->C=None
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.797 :  first_kex_packet_follows=False
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.797 :  Processed SSH_MSG_KEXINIT reply
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.797 :  Sending SSH_MSG_KEXDH_INIT
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.798 :  DH_PRIME_GROUP14
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:17:44.810 :  DH_PRIME_GROUP14
DEBUG [PlainSocket] 16 Oct 2023 10:17:44.825 :  Sent 272 bytes (NoDelay=True, SendBufferSize=65536, ReceiveBufferSize=65536)
DEBUG [SSH2Connection] 16 Oct 2023 10:17:44.825 :  Packet written to socket
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:17:44.825 :  Sent SSH_MSG_KEXDH_INIT
DEBUG [SSH2Connection] 16 Oct 2023 10:17:44.825 :  Waiting for packet


DEBUG [PlainSocket] 16 Oct 2023 10:18:13.407 : FTPConnection.1 Receive received 968 bytes
DEBUG [SSH2PacketBuilder] 16 Oct 2023 10:18:13.407 : FTPConnection.1 ReduceBuffer()
DEBUG [SSH2Connection] 16 Oct 2023 10:18:13.407 :  Packet arrived
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:18:13.410 :  Processing SSH_MSG_KEXDH_REPLY
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:18:13.411 :  DH_PRIME_GROUP14
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:18:13.439 :  Verifying host key
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:18:13.503 :  Processed SSH_MSG_KEXDH_INIT reply successfully
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:18:13.503 :  Sending SSH_MSG_NEWKEYS
DEBUG [PlainSocket] 16 Oct 2023 10:18:13.503 :  Sent 16 bytes (NoDelay=True, SendBufferSize=65536, ReceiveBufferSize=65536)
DEBUG [SSH2Connection] 16 Oct 2023 10:18:13.503 :  Packet written to socket
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:18:13.503 :  Sent SSH_MSG_NEWKEYS
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:18:13.511 :  Established ciphers
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:18:13.512 :  Established MACs
DEBUG [ClientKeyExchanger] 16 Oct 2023 10:18:13.512 :  Reading SSH_MSG_NEWKEYS reply
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:18:13.512 :  Processing SSH_MSG_NEWKEYS reply
DEBUG [SSH2Connection] 16 Oct 2023 10:18:13.513 :  Processed 0 queued messages
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:18:13.513 :  Processed SSH_MSG_NEWKEYS reply
DEBUG [AbstractKeyExchanger] 16 Oct 2023 10:18:13.513 :  Negotiated new keys successfully
DEBUG [SSH2Connection] 16 Oct 2023 10:18:13.513 :  Key exchange complete
by (162k points)
That's an enormous gap. If you can get access to the server log, it might tell you what's going on.

Categories

...